Mechanisms that secure border gateway protocol (BGP) sessions using message-digest algorithm 5 (MD5) authentication have been proposed. Specifically, a Transmission Control Protocol (TCP) MD5 Signature Option has been proposed that can be appended to each Transmission Control Protocol (TCP) header. The MD5 Signature Option contains a 16-byte MD5 digest, i.e., a security portion, that serves as authentication data for the TCP segment. The MD5 digest is calculated over the following fields: the TCP pseudo-header; the TCP header, excluding options, and assuming a checksum of zero; the TCP segment data (if any); and an independently-specified key or password, known to both communicating TCP modules.
To spoof a connection using the scheme described above, an attacker would not only have to guess TCP sequence numbers, but would also have had to obtain the password included in the MD5 digest. This password never appears in the connection stream, and the actual form of the password is determined by the application.
However, synchronization of the keys at both ends of the TCP connection is often challenging, and updating keys associated with active TCP sessions typically requires dismantling those TCP sessions active between the sending and receiving device. These limitations have proven to be significant deterrents to the deployment of the TCP MD5 Signature Option for BGP.